configure_tls_1_2_default_secure_protocol_windows_server_2008_r2_sp1
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
configure_tls_1_2_default_secure_protocol_windows_server_2008_r2_sp1 [2021/09/30 15:06] – [Configuration Information for TLS 1.2.] wikiadmin | configure_tls_1_2_default_secure_protocol_windows_server_2008_r2_sp1 [2021/09/30 15:28] (current) – [Configure the Registry to Turn on TLS 1.2] wikiadmin | ||
---|---|---|---|
Line 9: | Line 9: | ||
===== Update to enable TLS 1.1 and TLS 1.2 as default secure protocols in WinHTTP in Windows ===== | ===== Update to enable TLS 1.1 and TLS 1.2 as default secure protocols in WinHTTP in Windows ===== | ||
- | This update provides support for Transport Layer Security (TLS) 1.1 and TLS 1.2 in Windows Server 2012, Windows 7 Service Pack 1 (SP1), and Windows Server 2008 R2 SP1. | + | The Windows |
- | To obtain the stand-alone package for this update, go to the Microsoft Update Catalog website here: https:// | + | To obtain the stand-alone package for this update |
- | Prerequisites | + | __Prerequisites |
To understand why this update is or may be necessary, please review this Microsoft Support article: | To understand why this update is or may be necessary, please review this Microsoft Support article: | ||
Line 28: | Line 28: | ||
At the top of the Window' | At the top of the Window' | ||
+ | |||
+ | ===== Configure the Registry to Turn on TLS 1.2 ===== | ||
In the registry, browse to **HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols** | In the registry, browse to **HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols** | ||
Line 70: | Line 72: | ||
**800**. | **800**. | ||
+ | ===== Block RC4 in .NET TLS ===== | ||
+ | |||
+ | If you have .NET Framework 4.x installed on the server, you should: | ||
+ | |||
+ | Add a **SchUseStrongCrypto** DWORD value to the **HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319** registry key and also add it to the **HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319** registry key. | ||
+ | |||
+ | From the Windows search bar, use regedit to open the Window Registry Editor. | ||
+ | Browse to **HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319**. | ||
+ | Create a new DWORD value named: | ||
+ | **SchUseStrongCrypto** | ||
+ | |||
+ | Set the value to: | ||
+ | **1** | ||
+ | |||
+ | On a 64-bit version of Windows, browse to **HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319** and repeat this same procedure by-- | ||
+ | |||
+ | Creating a new DWORD value named: | ||
+ | **SchUseStrongCrypto** | ||
+ | |||
+ | and setting the value to: | ||
+ | **1** | ||
+ | ==== Note: Restart the computer after modifying the registry ==== | ||
configure_tls_1_2_default_secure_protocol_windows_server_2008_r2_sp1.1633014405.txt.gz · Last modified: 2021/09/30 15:06 by wikiadmin